1. Identity of CookieScript
If there are any questions regarding this Privacy Policy you can contact CookieScript using the details below:
enBAMA Muhendislik Ltd.
info@enbama.com
2. What information do we collect?
You may visit our site anonymously although cookies are used to identify your session.
2.1. Contact form data
If you choose to use the inquiry form on our website, basic contact details are collected such as the email and name of the contact person.
2.2. Account data
When you register for an account, we collect and store your e-mail address.
2.3. Membership data
In order to issue an invoice for paid services, we also need to collect additional contact details about you or your business such as full name, email, contact address, business name, and business activity. We do not collect or store your credit card information. Payments are processed by PayPal or Stripe; we store only transaction IDs when relevant.
2.4. CookieScript item data
When you create or edit a CookieScript item we collect your direct input (domain name and optional pop-up content/settings) to provide the Service and the Pop-up shown to End Users.
2.5. End User data
If enabled, the Service can log anonymized End User data such as an anonymous key, consent choice, partially anonymized IP address, timestamps, page where consent was given/revoked and browser agent. This data helps remember and prove consent and is not considered personally identifiable in this context.
2.6. Automatically generated data
When enabled, aggregated statistics (clicks per day, category preferences) are generated and cannot be used to identify a particular End User.
3. What do we use your information for?
We may use collected information for several purposes:
- To answer your inquiry;
- To contact you regarding our services;
- To identify you as a contracting party;
- To enable invoicing and transaction processing;
- To provide secure login and subscription handling;
- To provide aggregated reports on End User interactions with the Pop-up.
4. Legal basis
4.1. EU General Data Protection Regulation (GDPR)
Processing of data is based on your consent or where processing is necessary for the performance of a contract or pre-contractual steps, cf. GDPR art. 6(1)(a)-(b).
If you are a resident of the EEA you have rights including access, correction, deletion, objection, restriction of processing and data portability. To exercise these rights, email support@cookie-script.com or use the account profile controls. You may also complain to your local data protection authority.
4.2. Children’s Online Privacy Protection
We do not intentionally collect information from anyone under 13. The service is directed at people who are at least 13 years old or older.
5. How do we protect your information?
We store data only with GDPR-compliant providers (e.g. DigitalOcean, AWS, Hetzner). Data is password-protected and accessible to authorized personnel only. Personnel sign confidentiality agreements when appropriate.
5.1 Confidentiality
All data is protected by password access. We do not store bank details and subcontractors sign confidentiality agreements when needed.
5.2 Transparency
You can request information about where and how data is stored and used. We will keep you informed of changes affecting privacy and security.
5.3 Monitoring
We use internal and external monitoring tools to maintain system performance and availability.
5.4 Personal data breach notification
In the event of a data breach we will notify affected users and the ICO within 72 hours with details and remediation steps.